Skip to content

Instantly share code, notes, and snippets.

@CreateRemoteThread
Created December 29, 2016 23:36
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save CreateRemoteThread/fd0939e1d3a93847950fbcdc425625ce to your computer and use it in GitHub Desktop.
#!/usr/bin/python
from Crypto.Cipher import AES
import pwn
import binascii
import sys
import os
BS = 16
pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS)
RHOST = "78.46.224.87"
# RHOST = "127.0.0.1"
RPORT = 12345
CLIENT_MRAND = "\x02" * 16
AES_PINKEY = "\x31\xb9\x0b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" # 768305 ?
preshared_crypto = AES.new(AES_PINKEY,AES.MODE_ECB)
AES_CLIENTKEY = preshared_crypto.encrypt(CLIENT_MRAND)
# preshared_crypto2 = AES.new(AES_PINKEY,AES.MODE_ECB)
# print binascii.hexlify(preshared_crypto2.decrypt(binascii.unhexlify("0b11b65705888b8fb4fc71e82cb7c8cf")))
# sys.exit(0)
p = pwn.remote(RHOST,RPORT)
print " [>] sending MCONFIRM, which is AES(key=PIN,data=MRAND) : " + binascii.hexlify(AES_CLIENTKEY)
# USER SELECT
p.send("\x15\x00\x00\x00\x02" + AES_CLIENTKEY)
print " [<] recving SCONFIRM, decrypted key in data_decrypted..."
data = p.recv()
if data[0] != '\x14':
print " [!] unexpected data packet %s" % binascii.hexlify(data)
sys.exit(0)
print " [!] received: %s" % binascii.hexlify(data[4:])
SCONFIRM_DECRYPTED = preshared_crypto .decrypt(data[4:])
print " [!] decrypted: %s" % binascii.hexlify(SCONFIRM_DECRYPTED)
# this decrypted value is the value originally encrypted by the server at the first call
# of 0x00401481, after receiving MConfirm (i.e. SConfirm). we know SConfirm is
# this for sure.
print " [>] sending MRAND, which is 0x02 * 16"
p.send("\x14\x00\x00\x00" + CLIENT_MRAND)
print " [<] recving SRAND, decrypted key in srand_decrypted..."
data = p.recv()
if data[0] != '\x14':
print " [!] unexpected data packet %s" % binascii.hexlify(data)
sys.exit(0)
print " [!] SRAND received: %s" % binascii.hexlify(data[4:])
SRAND_DECRYPTED = preshared_crypto .decrypt(data[4:])
SRAND_RECEIVED = data[4:]
print " [!] our unencrypted session key is [CORRECT] : " + binascii.hexlify(SRAND_RECEIVED[8:] + CLIENT_MRAND[0:8])
CBC_KEY = preshared_crypto.encrypt(SRAND_RECEIVED[8:] + CLIENT_MRAND[0:8])
print " [!] our session key is s1(tk,srand,mrand) : " + binascii.hexlify(CBC_KEY)
print " [CBC_KEY/session key IS CORRECT:BREAK AT 0x401894 and VERIFY 0x608060]"
def sessionkey_encrypt(string):
srand_crypto = AES.new(CBC_KEY, AES.MODE_CBC,'\x00' * 16)
return srand_crypto.encrypt(pad(string))
def sessionkey_decrypt(string):
srand_crypto = AES.new(CBC_KEY, AES.MODE_CBC,'\x00' * 16)
return srand_crypto.decrypt(string)
encrypted_open = sessionkey_encrypt("OPEN 1")
print " [>] trying to send OPEN 1, which is " + binascii.hexlify(encrypted_open)
p.send("\x14\x00\x00\x00" + encrypted_open)
encrypted_list = sessionkey_encrypt("LIST")
print " [>] trying to send LIST, which is " + binascii.hexlify(encrypted_list)
p.send("\x14\x00\x00\x00" + encrypted_list)
data = p.recv()
print sessionkey_decrypt(data[4:])
encrypted_take = sessionkey_encrypt("SHOW 0")
print " [>] trying to send TAKE 0, which is " + binascii.hexlify(encrypted_take)
p.send("\x14\x00\x00\x00" + encrypted_take)
data = p.recv()
print sessionkey_decrypt(data[4:])
p.close()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment